Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2022-28094 Cross-Site Scripting (XSS) in online-sports-complex-booking-system-project (CVE-2022-28094)
cross-site scripting in online-sports-complex-booking-system-project (CVE-2022-28094). Risk of unauthorized operations or information disclosure.
CVE-2022-28093 Vulnerability in online-sports-complex-booking-system-project (CVE-2022-28093)
vulnerability in online-sports-complex-booking-system-project (CVE-2022-28093). Successful exploitation can lead to full system takeover.
CVE-2022-29533 Cross-Site Scripting (XSS) in misp-project (CVE-2022-29533)
cross-site scripting in misp-project (CVE-2022-29533). Risk of unauthorized operations or information disclosure.
CVE-2022-29532 Cross-Site Scripting (XSS) in misp-project (CVE-2022-29532)
cross-site scripting in misp-project (CVE-2022-29532). Risk of unauthorized operations or information disclosure.
CVE-2022-29534 Authentication Bypass in misp-project (CVE-2022-29534)
authentication bypass in misp-project (CVE-2022-29534). Data can be tampered with by attackers.
CVE-2021-37291 SQL Injection in sqli (CVE-2021-37291)
SQL injection in sqli (CVE-2021-37291). Successful exploitation can lead to full system takeover.
CVE-2021-37293 Path Traversal in path-traversal (CVE-2021-37293)
path traversal in path-traversal (CVE-2021-37293). Confidential information can be exposed externally.
CVE-2022-26607 Unrestricted File Upload in baigo (CVE-2022-26607)
vulnerability in baigo (CVE-2022-26607). Successful exploitation can lead to full system takeover.
CVE-2022-26645 Unrestricted File Upload in oretnom23 (CVE-2022-26645)
vulnerability in oretnom23 (CVE-2022-26645). Successful exploitation can lead to full system takeover.
CVE-2021-40904 Vulnerability in checkmk (CVE-2021-40904)
vulnerability in checkmk (CVE-2021-40904). Successful exploitation can lead to full system takeover.
CVE-2021-40906 Cross-Site Scripting (XSS) in checkmk (CVE-2021-40906)
cross-site scripting in checkmk (CVE-2021-40906). Risk of unauthorized operations or information disclosure.
CVE-2022-25574 Cross-Site Scripting (XSS) in douco (CVE-2022-25574)
cross-site scripting in douco (CVE-2022-25574). Risk of unauthorized operations or information disclosure.
CVE-2019-11043 KEV [KEV] Vulnerability in Php fastcgi-process-manager-fpm (CVE-2019-11043)
vulnerability in Php fastcgi-process-manager-fpm (CVE-2019-11043). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2012-1823 KEV [KEV] Vulnerability in php (CVE-2012-1823)
vulnerability in php (CVE-2012-1823). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-27245 SSRF (Server-Side Request Forgery) in ssrf (CVE-2022-27245)
SSRF in ssrf (CVE-2022-27245). Successful exploitation can lead to full system takeover.
CVE-2022-27246 Cross-Site Scripting (XSS) in misp-project (CVE-2022-27246)
cross-site scripting in misp-project (CVE-2022-27246). Risk of unauthorized operations or information disclosure.
CVE-2021-45834 Unrestricted File Upload in opendocman (CVE-2021-45834)
vulnerability in opendocman (CVE-2021-45834). Successful exploitation can lead to full system takeover.
CVE-2021-44087 Vulnerability in attendance-and-payroll-system-project (CVE-2021-44087)
vulnerability in attendance-and-payroll-system-project (CVE-2021-44087). Successful exploitation can lead to full system takeover.
CVE-2022-24618 Vulnerability in c (CVE-2022-24618)
vulnerability in c (CVE-2022-24618). Successful exploitation can lead to full system takeover.
CVE-2022-24512 Code Injection in Microsoft.NETCore.App.Runtime.linux-arm (CVE-2022-24512)
code injection in Microsoft.NETCore.App.Runtime.linux-arm (CVE-2022-24512). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.3` or later.
CVE-2022-24464 Vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-24464)
vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-24464). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.3` or later.
CVE-2022-25018 Code Injection in pluxml (CVE-2022-25018)
code injection in pluxml (CVE-2022-25018). Successful exploitation can lead to full system takeover.
CVE-2021-37504 Cross-Site Scripting (XSS) in hayageek (CVE-2021-37504)
cross-site scripting in hayageek (CVE-2021-37504). Risk of unauthorized operations or information disclosure.
CVE-2021-4090 Out-of-Bounds Write in c (CVE-2021-4090)
out-of-bounds write in c (CVE-2021-4090). Confidential information can be exposed externally.
CVE-2022-22901 Vulnerability in c (CVE-2022-22901)
vulnerability in c (CVE-2022-22901). Risk of unauthorized operations or information disclosure.
CVE-2021-45416 Cross-Site Scripting (XSS) in rosariosis (CVE-2021-45416)
cross-site scripting in rosariosis (CVE-2021-45416). Risk of unauthorized operations or information disclosure.
CVE-2021-46115 Unrestricted File Upload in c (CVE-2021-46115)
vulnerability in c (CVE-2021-46115). Successful exploitation can lead to full system takeover.
CVE-2021-25296 KEV [KEV] OS Command Injection in nagios (CVE-2021-25296)
OS command injection in nagios (CVE-2021-25296). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-25297 KEV [KEV] OS Command Injection in nagios (CVE-2021-25297)
OS command injection in nagios (CVE-2021-25297). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-25298 KEV [KEV] OS Command Injection in nagios (CVE-2021-25298)
OS command injection in nagios (CVE-2021-25298). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-44832 Vulnerability in org.apache.logging.log4j:log4j-core (CVE-2021-44832)
vulnerability in org.apache.logging.log4j:log4j-core (CVE-2021-44832). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.17.1` or later.
CVE-2020-20426 Cross-Site Scripting (XSS) in s-cms (CVE-2020-20426)
cross-site scripting in s-cms (CVE-2020-20426). Risk of unauthorized operations or information disclosure.
CVE-2021-42216 A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php.
A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php.
CVE-2018-10228 Cross-Site Scripting (XSS) in limesurvey (CVE-2018-10228)
cross-site scripting in limesurvey (CVE-2018-10228). Risk of unauthorized operations or information disclosure.
CVE-2021-43687 Cross-Site Scripting (XSS) in chamilo (CVE-2021-43687)
cross-site scripting in chamilo (CVE-2021-43687). Risk of unauthorized operations or information disclosure.
CVE-2021-22204 KEV [KEV] Vulnerability in Perl exiftool (CVE-2021-22204)
vulnerability in Perl exiftool (CVE-2021-22204). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-25877 Code Injection in youphptube (CVE-2021-25877)
code injection in youphptube (CVE-2021-25877). Successful exploitation can lead to full system takeover.
CVE-2021-37223 SSRF (Server-Side Request Forgery) in ssrf (CVE-2021-37223)
SSRF in ssrf (CVE-2021-37223). Confidential information can be exposed externally.
CVE-2021-40639 Vulnerability in jflyfox (CVE-2021-40639)
vulnerability in jflyfox (CVE-2021-40639). Confidential information can be exposed externally.
CVE-2020-20585 SQL Injection in c (CVE-2020-20585)
SQL injection in c (CVE-2020-20585). Confidential information can be exposed externally.
CVE-2020-22168 SQL Injection in sqli (CVE-2020-22168)
SQL injection in sqli (CVE-2020-22168). Confidential information can be exposed externally.
CVE-2021-34202 Out-of-Bounds Write in c (CVE-2021-34202)
out-of-bounds write in c (CVE-2021-34202). Successful exploitation can lead to full system takeover.
CVE-2020-26679 Vulnerability in vfairs (CVE-2020-26679)
vulnerability in vfairs (CVE-2020-26679). Risk of unauthorized operations or information disclosure.
CVE-2021-33425 Cross-Site Scripting (XSS) in openwrt (CVE-2021-33425)
cross-site scripting in openwrt (CVE-2021-33425). Risk of unauthorized operations or information disclosure.
CVE-2020-21843 Out-of-Bounds Write in c (CVE-2020-21843)
out-of-bounds write in c (CVE-2020-21843). Successful exploitation can lead to full system takeover.
CVE-2020-21834 A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164.
A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164.
CVE-2020-21839 Vulnerability in c (CVE-2020-21839)
vulnerability in c (CVE-2020-21839). Risk of unauthorized operations or information disclosure.
CVE-2020-21840 Out-of-Bounds Write in c (CVE-2020-21840)
out-of-bounds write in c (CVE-2020-21840). Successful exploitation can lead to full system takeover.
CVE-2020-21827 Out-of-Bounds Write in c (CVE-2020-21827)
out-of-bounds write in c (CVE-2020-21827). Successful exploitation can lead to full system takeover.
CVE-2020-21814 Out-of-Bounds Write in c (CVE-2020-21814)
out-of-bounds write in c (CVE-2020-21814). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →